Yes, I agree. However, as I'm using it to connect two fixed locations I've not really messed around with it too much after I got it working.
[quote="takimata, post:4, topic:4215"]Can I bother you to compare your configuration against mine? Did you do something else to the firewall, or assign the WireGuard interface to any existing or new firewall zone?
[/quote]
Firewall-wise, I added it to the existing LAN zone but haven't opened up any additional ports or anything.
The configs for the two routers are:
Router 1:
config interface 'vpn'
option proto 'wireguard'
option private_key '<router 1 private key>'
list addresses '<router 1 public IP>'
option preshared_key '<Preshared key>'
option listen_port '51820'
config wireguard_vpn
option public_key '<router 2 public key>'
list allowed_ips '192.168.1.0/24'
list allowed_ips '<ipv6 range>'
option route_allowed_ips '1'
option endpoint_host '<router 2 public IP>'
Router 2:
config interface 'vpn'
option proto 'wireguard'
option private_key '<router 2 private key>'
list addresses '<router 2 public IP>'
option preshared_key '<Preshared Key>'
option listen_port '51820'
config wireguard_vpn
option public_key '<router 1 public key>'
list allowed_ips '192.168.0.0/24'
list allowed_ips '<IPv6 range>'
option route_allowed_ips '1'
option endpoint_host '<router 1 public IP>'